Your data is secure with EPCC!

29 October 2018

Here at EPCC we aim to be a leader in the secure hosting and management of huge and varied datasets to support data research. For example we host and manage Safe Havens on behalf of the Farr Institute and Scottish Genome Partnership, with a Safe Haven for the Alan Turing Institute under development. 

A Safe Haven is a secure environment in which data is linked and accessed. It provides a high powered computing service, secure analytic environment, secure file transfer protocol for receipt of data, and provision of a range of analytic software. Safe havens allow data from electronic records to be used to support research when it is not practicable to obtain individual patient or subject consent, and protect patient or subject identity and privacy. Data from different sources can be linked to answer specific research questions, subject to the required information governance.

The University of Edinburgh is set to play a key role in the Edinburgh and South East Scotland City Region Deal, delivering the deal’s Data-Driven Innovation programme. Underpinning new data innovation hubs across the University will be an exciting new facility for the secure and trustworthy hosting and analysis of huge and varied datasets hosted and managed by EPCC. Key to the success of EPCC in providing data services is trust from its customers that it provides best practice in information security and data handling. ISO 27001 certification introduces a framework to deliver best practice and to demonstrate this achievement to our customer and user base. 

ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.

EPCC has designed an ISMS to provide services and systems to meet the terms of the relevant contracts and agreements with respect to confidentiality, integrity, accessibility and availability. It has also been designed to meet the information security risk appetite of its stakeholders. With ISO 27001 and ISO 9001 Quality Management certifications, we are confident that we have the processes and information security framework which deliver best practice services to our customers and provide a mechanism to continually improve our services to meet customer and user requirements.

You can also read this story on issuu.com